Upgrade dependencies and build environment (NEWRELIC-7248) (#386)

* upgrade dependencies and build environment
* support a new set of Kubernets versions
* fix script name typo
* adapt script to use new yq version
* revert upgrade of load test pipeline
* try to upgrade yq

.github/workflows/load_test.yml

@@ -9,27 +9,41 @@ jobs:
   load_tests:
     if: ${{ ! contains(github.event.pull_request.labels.*.name, 'ci/skip-load-test') }}
     name: Load Tests
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-20.04  # Read the comment below why this is not set to `latest`.
     steps:
       - name: Checkout code
         uses: actions/checkout@v3
       - uses: actions/setup-go@v3
         with:
-          go-version: '^1.13.1'
-      - name: Installing dependencies yq and skaffold
+          go-version-file: "go.mod"
+      - name: Installing dependencies
         run: |
-          sudo wget -O /usr/local/bin/yq https://github.com/mikefarah/yq/releases/download/3.3.0/yq_linux_amd64
-          sudo chmod +x /usr/local/bin/yq
           sudo wget -O /usr/local/bin/skaffold https://storage.googleapis.com/skaffold/releases/latest/skaffold-linux-amd64
           sudo chmod +x /usr/local/bin/skaffold
+      # Load test uses skaffold to run `nri-prometheus` in the cluster. skaffold is not compatible with minikube when the
+      # clusters do not use docker as CRI giving this error:
+      #
+      # invalid skaffold config: getting minikube env: running [/home/runner/work/_temp/minikube docker-env --shell none -p minikube --user=skaffold]
+      #  - stdout: "false exit code 14\n"
+      #  - stderr: "X Exiting due to MK_USAGE: The docker-env command is only compatible with the \"docker\" runtime, but this cluster was configured to use the \"containerd\" runtime.\n"
+      #  - cause: exit status 14
+      #
+      # Se we are in a dependency cycle:
+      #  - Minikube with Kubernetes > 1.24 needs the CRI to NOT be docker
+      #  - Skaffold needs the CRI to be docker
+      #
+      # Here we test `nri-prometheus`, Kubernetes is just a tool we use for testing, so we should not care about the version 
+      # of Kubernetes and we should not upgrade it so the test keeps working.
       - name: Setup Minikube
         uses: manusa/[email protected]
         with:
-          minikube version: 'v1.15.1'
-          kubernetes version: 'v1.19.4'
-      - name: Run laod tests
+          minikube version: v1.15.1
+          kubernetes version: v1.19.4
+          github token: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Run load tests
         env:
           NEWRELIC_LICENSE: ${{ secrets.NEWRELIC_LICENSE }}
         run : |
-          source ./load-test/laod_test.sh
+          source ./load-test/load_test.sh
           runLoadTest

.github/workflows/push_pr.yml

@@ -20,7 +20,7 @@ jobs:
     timeout-minutes: 15
     strategy:
       matrix:
-        kubernetes-version: [ "v1.16.15", "v1.22.0" ]
+        kubernetes-version: [ "v1.25.6", "v1.26.0" ]
     steps:
       - uses: actions/checkout@v3
         with:
@@ -47,10 +47,10 @@ jobs:
             fi
           done
       - name: Setup Minikube
-        uses: manusa/[email protected].1
+        uses: manusa/[email protected].2
         if: steps.list-changed.outputs.changed == 'true'
         with:
-          minikube version: v1.20.0
+          minikube version: v1.29.0
           kubernetes version: ${{ matrix.kubernetes-version }}
           github token: ${{ secrets.GITHUB_TOKEN }}
       - uses: actions/setup-go@v3
@@ -74,7 +74,7 @@ jobs:
 
   static-analysis:
     name: Run all static analysis checks
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v3
       - uses: actions/setup-go@v2
@@ -95,21 +95,15 @@ jobs:
 
   test-nix:
     name: Run unit tests on *Nix
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v3
-      - name: Login to DockerHub
-        if: ${{ env.DOCKER_LOGIN_AVAILABLE }}
-        uses: docker/login-action@v2
-        with:
-          username: ${{ secrets.OHAI_DOCKER_HUB_ID }}
-          password: ${{ secrets.OHAI_DOCKER_HUB_PASSWORD }}
       - name: Unit tests
         run: make ci/test
 
   test-windows:
     name: Run unit tests on Windows
-    runs-on: windows-2019
+    runs-on: windows-latest
     env:
       GOPATH: ${{ github.workspace }}
     defaults:
@@ -132,14 +126,8 @@ jobs:
   # make sure code build in all platforms
   build:
     name: Build binary for all platforms:arch
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v3
-      - name: Login to DockerHub
-        if: ${{ env.DOCKER_LOGIN_AVAILABLE }}
-        uses: docker/login-action@v2
-        with:
-          username: ${{ secrets.OHAI_DOCKER_HUB_ID }}
-          password: ${{ secrets.OHAI_DOCKER_HUB_PASSWORD }}
       - name: Build all platforms:arch
         run: make ci/build

.github/workflows/release-integration.yml

@@ -18,38 +18,17 @@ env:
   TAG_SUFFIX: "" # This suffix is used for pre-release only
 
 jobs:
-  # this might not be necessary
-  snyk:
-    name: Run security checks via snyk
-    runs-on: ubuntu-20.04
-    env:
-      SNYK_TOKEN: ${{ secrets.COREINT_SNYK_TOKEN }}
-    steps:
-      - uses: actions/checkout@v3
-      - name: Login to DockerHub
-        uses: docker/login-action@v2
-        with:
-          username: ${{ secrets.OHAI_DOCKER_HUB_ID }}
-          password: ${{ secrets.OHAI_DOCKER_HUB_PASSWORD }}
-      - name: Scan code for vulnerabilities
-        run: make ci/snyk-test
-
   test-nix:
     name: Run unit tests on *Nix
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v3
-      - name: Login to DockerHub
-        uses: docker/login-action@v2
-        with:
-          username: ${{ secrets.OHAI_DOCKER_HUB_ID }}
-          password: ${{ secrets.OHAI_DOCKER_HUB_PASSWORD }}
       - name: Unit tests
         run: make ci/test
 
   test-windows:
     name: Run unit tests on Windows
-    runs-on: windows-2019
+    runs-on: windows-latest
     env:
       GOPATH: ${{ github.workspace }}
     defaults:
@@ -71,7 +50,7 @@ jobs:
 
   integration-release:
     name: Use goreleaser for releasing
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-latest
     needs: [ test-nix, test-windows ]
     steps:
       - name: checkout

CHANGELOG.md

@@ -5,6 +5,10 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](http://keepachangelog.com/)
 and this project adheres to [Semantic Versioning](http://semver.org/).
 
+## 2.18.0  (2023-03-08)
+### Changed
+- Upgrade Go to 1.19 and bump dependencies
+
 ## v2.17.0
 ## Changed
 - Exposed `self_metrics_listening_address` to set listening address for self-metrics, having as default `:8080`.

build/Dockerfile

@@ -1,6 +1,6 @@
 FROM golang:1.19-buster
 
-ARG GH_VERSION='1.4.0'
+ARG GH_VERSION='2.23.0'
 
 RUN apt-get update \
     && apt-get -y install \
@@ -11,5 +11,8 @@ RUN apt-get update \
     unzip \
     zip
 
+# Since the user does not match the owners of the repo "git rev-parse --is-inside-work-tree" fails and goreleaser does not populate projectName
+# https://stackoverflow.com/questions/72978485/git-submodule-update-failed-with-fatal-detected-dubious-ownership-in-repositor
+RUN git config --global --add safe.directory '*'
 RUN wget -q https://github.com/cli/cli/releases/download/v${GH_VERSION}/gh_${GH_VERSION}_linux_amd64.deb -O /tmp/gh_${GH_VERSION}_linux_amd64.deb \
     && apt-get -y install /tmp/gh_${GH_VERSION}_linux_amd64.deb

go.mod

@@ -8,72 +8,70 @@ require (
 	github.com/pkg/errors v0.9.1
 	github.com/prometheus/client_golang v1.14.0
 	github.com/prometheus/client_model v0.3.0
-	github.com/prometheus/common v0.39.0
+	github.com/prometheus/common v0.42.0
 	github.com/sirupsen/logrus v1.9.0
-	github.com/spf13/viper v1.14.0
+	github.com/spf13/viper v1.15.0
 	github.com/stretchr/testify v1.8.1
-	k8s.io/api v0.25.4
-	k8s.io/apimachinery v0.25.4
-	k8s.io/client-go v0.25.4
+	k8s.io/api v0.26.2
+	k8s.io/apimachinery v0.26.2
+	k8s.io/client-go v0.26.2
 )
 
 require (
-	github.com/PuerkitoBio/purell v1.1.1 // indirect
-	github.com/PuerkitoBio/urlesc v0.0.0-20170810143723-de5bf2ad4578 // indirect
 	github.com/beorn7/perks v1.0.1 // indirect
-	github.com/cespare/xxhash/v2 v2.1.2 // indirect
+	github.com/cespare/xxhash/v2 v2.2.0 // indirect
 	github.com/davecgh/go-spew v1.1.1 // indirect
-	github.com/emicklei/go-restful/v3 v3.8.0 // indirect
+	github.com/emicklei/go-restful/v3 v3.10.1 // indirect
 	github.com/evanphx/json-patch v4.12.0+incompatible // indirect
 	github.com/fsnotify/fsnotify v1.6.0 // indirect
 	github.com/go-logr/logr v1.2.3 // indirect
-	github.com/go-openapi/jsonpointer v0.19.5 // indirect
-	github.com/go-openapi/jsonreference v0.19.5 // indirect
-	github.com/go-openapi/swag v0.19.14 // indirect
+	github.com/go-openapi/jsonpointer v0.19.6 // indirect
+	github.com/go-openapi/jsonreference v0.20.2 // indirect
+	github.com/go-openapi/swag v0.22.3 // indirect
 	github.com/gogo/protobuf v1.3.2 // indirect
 	github.com/golang/protobuf v1.5.2 // indirect
-	github.com/google/gnostic v0.5.7-v3refs // indirect
-	github.com/google/gofuzz v1.1.0 // indirect
+	github.com/google/gnostic v0.6.9 // indirect
+	github.com/google/go-cmp v0.5.9 // indirect
+	github.com/google/gofuzz v1.2.0 // indirect
 	github.com/hashicorp/hcl v1.0.0 // indirect
-	github.com/imdario/mergo v0.3.6 // indirect
+	github.com/imdario/mergo v0.3.13 // indirect
 	github.com/josharian/intern v1.0.0 // indirect
 	github.com/json-iterator/go v1.1.12 // indirect
-	github.com/magiconair/properties v1.8.6 // indirect
-	github.com/mailru/easyjson v0.7.6 // indirect
+	github.com/magiconair/properties v1.8.7 // indirect
+	github.com/mailru/easyjson v0.7.7 // indirect
 	github.com/matttproud/golang_protobuf_extensions v1.0.4 // indirect
 	github.com/mitchellh/mapstructure v1.5.0 // indirect
 	github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
 	github.com/modern-go/reflect2 v1.0.2 // indirect
 	github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect
-	github.com/newrelic/infrastructure-agent v0.0.0-20201127092132-00ac7efc0cc6 // indirect
-	github.com/pelletier/go-toml v1.9.5 // indirect
-	github.com/pelletier/go-toml/v2 v2.0.5 // indirect
+	github.com/newrelic/infrastructure-agent v0.1.0 // indirect
+	github.com/pelletier/go-toml/v2 v2.0.7 // indirect
 	github.com/pmezard/go-difflib v1.0.0 // indirect
-	github.com/prometheus/procfs v0.8.0 // indirect
-	github.com/spf13/afero v1.9.2 // indirect
+	github.com/prometheus/procfs v0.9.0 // indirect
+	github.com/spf13/afero v1.9.5 // indirect
 	github.com/spf13/cast v1.5.0 // indirect
 	github.com/spf13/jwalterweatherman v1.1.0 // indirect
 	github.com/spf13/pflag v1.0.5 // indirect
 	github.com/stretchr/objx v0.5.0 // indirect
-	github.com/subosito/gotenv v1.4.1 // indirect
-	golang.org/x/net v0.4.0 // indirect
-	golang.org/x/oauth2 v0.3.0 // indirect
-	golang.org/x/sys v0.3.0 // indirect
-	golang.org/x/term v0.3.0 // indirect
-	golang.org/x/text v0.5.0 // indirect
-	golang.org/x/time v0.1.0 // indirect
+	github.com/subosito/gotenv v1.4.2 // indirect
+	golang.org/x/net v0.8.0 // indirect
+	golang.org/x/oauth2 v0.6.0 // indirect
+	golang.org/x/sys v0.6.0 // indirect
+	golang.org/x/term v0.6.0 // indirect
+	golang.org/x/text v0.8.0 // indirect
+	golang.org/x/time v0.3.0 // indirect
 	google.golang.org/appengine v1.6.7 // indirect
-	google.golang.org/protobuf v1.28.1 // indirect
+	google.golang.org/protobuf v1.29.0 // indirect
 	gopkg.in/inf.v0 v0.9.1 // indirect
 	gopkg.in/ini.v1 v1.67.0 // indirect
 	gopkg.in/yaml.v2 v2.4.0 // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect
-	k8s.io/klog/v2 v2.70.1 // indirect
-	k8s.io/kube-openapi v0.0.0-20220803162953-67bda5d908f1 // indirect
-	k8s.io/utils v0.0.0-20220728103510-ee6ede2d64ed // indirect
-	sigs.k8s.io/json v0.0.0-20220713155537-f223a00ba0e2 // indirect
+	k8s.io/klog/v2 v2.90.1 // indirect
+	k8s.io/kube-openapi v0.0.0-20230303024457-afdc3dddf62d // indirect
+	k8s.io/utils v0.0.0-20230220204549-a5ecb0141aa5 // indirect
+	sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect
 	sigs.k8s.io/structured-merge-diff/v4 v4.2.3 // indirect
-	sigs.k8s.io/yaml v1.2.0 // indirect
+	sigs.k8s.io/yaml v1.3.0 // indirect
 )
 
 // To mitigate Snyk security scan.